76% of enterprises increased their use of endpoint devices since the beginning of the COVID-19 pandemic, supporting their remote, work-from-home (WFH) and hybrid workforces globally.
66% of enterprises believe securing their networks and infrastructure requires a more focused, proactive approach to endpoint resilience that doesn’t leave endpoint security to chance.
Cybersecurity leader’s top challenges today are maintaining compliance, enforcing security standards, and understanding the health of security controls on each endpoint.
Just 38% of IT leaders can track the ROI of their cybersecurity investments, accentuating the need for more resilient, persistent endpoints that provide greater visibility and control.
These and many other fascinating insights are from Forrester Consulting’s latest study on endpoint security, Take Proactive Approach To Endpoint Security, completed in collaboration with Absolute Software. The study is noteworthy for its impartial, accurate view of the current state of endpoint security and the challenges IT teams face in creating greater endpoint resilience. The study’s methodology is based on 157 interviews with IT and security professionals located in the U.S. and Canada who are decision-makers in endpoint protection, with interviews completed in November and December 2020.
Key insights from the study include the following:
Security leaders are reprioritizing endpoint automation efforts with a strong focus on sensitive or at-risk data. In 2021 automation efforts will focus on sensitive or at-risk data (60%), geolocation (52%), security control health (48%), web-based application usage (36%), patch management (35%), and hardware inventory (32%). Each of these technologies is integral to supporting remote workers. There’s also a significant shift from how automation strategies were prioritized before the pandemic, as the graphic from the study below illustrates:
Maintaining compliance, enforcing security standards, understanding security controls’ health, and measuring security investments are the top challenges to managing endpoint security today. The majority of enterprises, 59%, cannot maintain or prove compliance of endpoints at any given time. Lack of compliance drags down the efficiency of endpoint security efforts, making an entire network more vulnerable. Just over half of enterprises can’t enforce security standards across endpoints or don’t know today’s health. The most surprising finding of the study: 62% of enterprises cannot measure the ROI of their security investments – with half (31%) – strongly disagreeing with how measurable security ROI spend is.
Enterprises see four key areas where endpoint management could improve today. Forrester asked enterprise IT and security leaders which capabilities need to be added to endpoint management systems to make them more effective. The executives first focused on securing sensitive and at-risk data, a sure sign enterprises are moving to a more data-centric cybersecurity model in the future. That’s good news as cyber attackers want to penetrate software supply chains and take control of systems managing data assets. Managing devices remotely at scale is second, which is also a frequent challenge IT and security teams encounter when attempting to patch endpoints. Having an unbreakable digital tether to devices is solving the scale issue while also providing greater endpoint resiliency, visibility, and control.
The pandemic forced every business to become more innovative in supporting work-from-home and hybrid work environments, improving endpoint security an immediate priority. What’s needed is an unbreakable digital tether to all devices, capable of delivering complete visibility and control, enabling real-time insights into the state of those devices, and allowing them to repair security controls and productivity tools autonomously. Of the many solutions available for securing endpoints today, the ones that take a firmware-embedded approach to secure endpoints are proving the most reliable. The more integrated an endpoint is to firmware, the more likely self-healing agents will be reliable while also providing complete visibility across every device on or off the network. Absolute’s firmware-embedded approach is noteworthy in its track record of securing endpoints during the pandemic.
Cybersecurity, privacy and security startups have raised $1.9 billion in three months this year, on pace to reach $7.6 billion or more in 2021, over four times more than was raised throughout 2010 ($1.7 billion), according to a Crunchbase Pro query today.
22,156 startups who either compete in or rely on cybersecurity, security and privacy technologies and solutions as a core part of their business models today, 122 have pre-seed or seed funding in the last twelve months based on a Crunchbase Pro query.
From network and data security to I.T. governance, risk measurement, and policy compliance, cybersecurity is a growing industry estimated to be worth over $300B by 2025, according to C.B. Insight’s Emerging Trends Cybersecurity Report downloadable here.
Today, 680 cybersecurity, privacy, and security startups have received $6.8 billion in funding over the last twelve months, with $4 million being the median funding round and $12.6 million the average funding round for a startup. The number of startups receiving funding this year, funding amounts and the methodology to find the top 20 cybersecurity startups are all based on Crunchbase Pro analysis done today.
The 20 Best Cybersecurity Startups To Watch In 2021
Based on a methodology that equally weighs a startup’s ability to attract new customers, current and projected revenue growth, ability to adapt their solutions to growing industries and position in their chosen markets, the following are the top 20 cybersecurity startups to watch in 2021:
Axis Security – Axis Security’s Application Access Cloud™ is a purpose-built cloud-based solution that makes application access across networks scalable and secure. Built on zero-trust, Application Access Cloud offers a new agentless model that connects users online to any application, private or public, without touching the network or the apps themselves. Axis Security is a privately held company backed by Canaan Partners, Ten Eleven Ventures, and Cyberstarts. Axis is headquartered in San Mateo, California, with research and development in Tel Aviv, Israel.
Bitglass – What makes Bitglass unique and worth watching is how they are evolving their Total Cloud Security Platform to combine cloud access security brokerage, on-device secure web gateways, and zero-trust network access to secure endpoints across all devices. Its Polyscale Architecture is delivering uptimes of 99.99% in customer deployments. Bitglass’s 2020 Insider Threat Report has several interesting insights based on their recent interviews with a leading cybersecurity community. One interesting takeaway is 61% of those surveyed experienced an insider attack in the last 12 months (22% reported at least six).
Cado Security – Cado Security’s cloud-native forensics and response platform helps organizations respond to security incidents in real-time, averting potential breaches and security incidents. The Cado Response platform is built on analytics components that perform thorough forensic analyses of compromised systems. Cado’s platform, Cado Response, is an agentless, cloud-native forensics solution that allows security professionals to quickly and comprehensively understand an incident’s impact across all environments, including cloud and containers as well as on-premise systems. “Finding the root cause of security incidents in cloud or container environments is incredibly difficult. Traditional tools don’t support these new environments, and there is a shortage of people who know both forensics and cloud security,” said CEO James Campbell, formerly Director, Cyber Threat Detection and Response at PricewaterhouseCoopers. “Our Cado Response platform completely changes how security professionals can respond to incidents in the cloud.”
Confluera – Originally mentioned as one of the 20 Best Cybersecurity Startups To Watch In 2020, Confluera’s sustained innovation pace in the middle of a pandemic deserves special mention. They are one of the most resilient startups to watch in 2021.Confluera is a cybersecurity startup helping organizations find sophisticated security attacks going on inside of corporate infrastructures. The startup delivers autonomous infrastructure-wide cyber kill chain tracking and response by leveraging the ‘Continuous Attack Graph’ to stop and remediate cyber threats in real-time deterministically. Confluera’s platform is designed to detect and prevent attackers from navigating infrastructure. Confluera technology combines machine comprehended threat detection with accurately tracked activity trails to stop cyberattacks in real-time, allowing companies to simplify security operations radically. It frees up human security personnel to focus on more important work instead of spending hours trying to join the dots between the thousands of alerts they receive daily, many of which are false positives. The following is a video that explains how Confluera XDR for Cloud Infrastructure works:
DataFleets – DataFleets is a privacy-preserving data engine that unifies distributed data for rapid access, agile analytics, and automated compliance. The platform provides data scientists and developers with a “data fleet” that allows them to create analytics, ML models, and applications on susceptible data sets without direct access to the data. Each data fleet has easy-to-use APIs, and under-the-hood, they ensure data protection using advances in federated computation, transfer learning, encryption, and differential privacy. DataFleets helps organizations overcome data privacy and innovation struggle by maintaining data protection standards for compliance while accelerating data science initiatives.
DefenseStorm – DefenseStorm’s unique approach to providing cybersecurity and cyber-compliance for the banking industry make them one of the top startups to watch in 2021. Their DefenseStorm GRID is the only co-managed, cloud-based and compliance-automated solution of its kind for the banking industry. It monitors everything on a bank’s network. It matches it to defined policies for real-time, complete and proactive cyber exposure readiness, keeping security teams and executives updated on bank networks’ real-time security status. The company’s Threat Ready Active Compliance (TRAC) Team augments its bank customers’ internal teams to protect business continuity and skills availability while ensuring cost-effective coverage and management.
Enso Security – Enso is an application security posture management (ASPM) platform startup known for the depth of its insights and expertise in cybersecurity. With Enso, software security groups can scale and gain control over application security programs to protect applications systematically. The Enso ASPM platform discovers application inventory, ownership, and risk to help security teams quickly build and enforce security policies and transform AppSec into an automated, systematic discipline.
Ethyca – Ethyca is an infrastructure platform that provides developers and product teams with the ability to ensure consumer data privacy throughout applications and services design. It also provides your product, engineering, and privacy teams with unmatched ease of use and functionality to better care about your user’s data. The company helps companies discover sensitive data and then provides a mechanism for customers to delete, see, or edit their data from the system. Ethyca’s mission is to increase trust in data-driven business by building automated data privacy infrastructure. Ethyca’s founder and CEO Cillian Kiernan is a fascinating person to speak with on the topics of privacy, security, GDPR, and CCPA compliance. He continues to set a quick pace of innovation in Ethyca, making this startup one of the most interesting in data privacy today. Here’s an interview he did earlier this year with France 24 English:
Havoc Shield – Havoc Shield reduces the burden on small and medium businesses (SMBs) by giving them access to advanced security technology that protects against data breaches, phishing, dark web activity, and other threats. The Havoc Shield platform offers comprehensive security and compliance features that meet the standards of Fortune 100 companies, making it easier for businesses working to win deals with those companies. “For a long time, cybersecurity technology has been virtually inaccessible to small businesses, who largely can’t afford those resources,” said Brian Fritton, CEO and co-founder of Havoc Shield. “We created Havoc Shield because we believe in democratizing cybersecurity for the little guy. Small businesses deserve the ability to protect what they’ve built, just as much as larger companies that have dedicated cybersecurity staff.” Since the end of Q2 2020, Havoc Shield has quadrupled its client list. In the coming months, the company aims to grow its team to help more small businesses protect themselves from threats and achieve customer trust.
Illumio – Widely considered the leader in micro-segmentation that prevents the spread of breaches inside data centers and cloud environments, Illumio is one of the most interesting cybersecurity startups to watch in 2021. Enterprises such as Morgan Stanley, BNP Paribas, Salesforce, and Oracle NetSuite use Illumio to reduce cyber risk and achieve regulatory compliance. The Illumio Adaptive Security Platform® uniquely protects critical information with real-time application dependency and vulnerability mapping coupled with micro-segmentation that works across any data center, public cloud, or hybrid cloud deployment on bare-metal, virtual machines, and containers. The following video explains why Illumio Core is a better approach to segmentation.
Immuta – Immuta was founded in 2015 based on a mission within the U.S. Intelligence Community to build a platform that accelerates self-service access to and control sensitive data. The Immuta Automated Data Governance platform creates trust across data engineering, security, legal, compliance, and business teams to ensure timely access to critical data with minimal risk while adhering to global data privacy regulations GDPR, CCPA, and HIPAA. Immuta’s automated, scalable, no-code approach makes it easy for users to access the data they need when they need it while protecting sensitive information and ensuring customer privacy. Selected by Fast Company as one of the World’s 50 Most Innovative Companies, Immuta is headquartered in Boston, MA, with offices in College Park, MD, and Columbus, OH.
Isovalent – Isovalent makes software that helps enterprises connect, monitor and secure mission-critical workloads in modern, cloud-native ways. Its flagship technology, Cilium, is the choice of leading global organizations, including Adobe, Capital One, Datadog, GitLab, and many more. Isovalent is headquartered in Mountain View, CA, and is backed by Andreessen Horowitz, Google and Cisco Investments. Earlier this month, Isovalent announced that it had raised $29 million in Series A funding, led by Andreessen Horowitz and Google with participation from Cisco Investments. Google recently selected Cilium as the next-generation dataplane for its GKE offering calling Cilium “the most mature eBPF implementation for Kubernetes out there” in its “New GKE Dataplane V2 increases security and visibility for containers” blog: https://cloud.google.com/blog/products/containers-kubernetes/bringing-ebpf-and-cilium-to-google-kubernetes-engine.
JupiterOne – JupiterOne, Inc. reduces cloud security cost and complexity, replacing guesswork with granular data about cyber assets and configurations. The company’s software helps security operations teams shorten the path to security and compliance and improve their overall posture through continuous data aggregation and relationship modeling across all assets. JupiterOne customers include Reddit, Databricks, HashiCorp, Addepar, Auth0, LifeOmic, and OhMD. Earlier this year, JupiterOne received $19 million in venture funding. The Series A round was led by Bain Capital Ventures, with additional investment from Rain Capital, LifeOmic, and individual investors. “JupiterOne has developed a compelling product that integrates quickly, has applicability across enterprise segments, and is highly reviewed by current customers,” said Enrique Salem, partner at Bain Capital Ventures and former CEO at Symantec. Salem now joins the JupiterOne board. “We see a multibillion-dollar market opportunity for this technology across mid-market and enterprise customers. Asset management is the first step in building a successful security program, and it’s currently a tedious, imperfect process that’s well-suited for automation.”
Lightspin – Lightspin is a pioneer in contextual cloud security protecting native, Kubernetes, and microservices from known and unknown risks and has recently announced a $4 million seed funding round on November 24th. They will use the proceeds of the round to finance continued R&D on how to secure cloud infrastructures. The financing round was led by Ibex Investors LLC, the firm’s first global investment from its new $100 million early-stage fund, and also included participation from private angel investors. Lightspin’s technology uses graph-based tools and algorithms to provide rapid, in-depth visualizations of cloud stacks, analyze potential attack paths and detect the root causes, all of which are the most critical vulnerabilities that attackers can exploit.
Orca Security – Orca Security is noteworthy for its innovative approach to providing instant-on, workload-deep security for AWS, Azure, and GCP without the gaps in agents’ coverage and operational costs.Orca integrates cloud platforms as an interconnected web of assets, prioritizing risk based on environmental context. Delivered as SaaS, Orca Security’s patent-pending SideScanning™ technology reads cloud configuration and workloads’ runtime block storage out-of-band, detecting vulnerabilities, malware, misconfigurations, lateral movement risk, weak and leaked passwords, and unsecured PII.
SECURITI.ai – SECURITI.ai is an AI-Powered PrivacyOps company that helps automate all significant functions needed for privacy compliance on a single platform. It enables enterprises to grant individual and group rights to data and comply with global privacy regulations like CCPA and bolster their brands. They collect and manage consent from multiple sources, including web properties, web forms, and SaaS applications. Their AI-Powered PrivacyOps platform is a full-stack solution that operationalizes and simplifies privacy compliance using robotic automation and a natural language interface. SECURITI.ai was founded in November 2018 and is headquartered in San Jose, California.
SecureStack – SecureStack helps software developers find security & scalability gaps in their web applications and offers ways to fix those gaps without forcing them to become security experts. The results are faster time to business and a 60%-70% reduction in the app attack surface.
The SecureStack platform’s intelligent automation manages security controls across distributed infrastructures using rules and profiles customizable by customers. SecureStack is noteworthy for its analytics and logging expertise in helping enterprises scale applications across cloud infrastructures.
Stairwell – What makes Stairwell one of the top startups to watch in 2021 is its unique approach to cybersecurity built around a vision that all security teams should be able to determine what alerts are threat-related or not and why. Mike Wiacek, the founder of Google’s Threat Analysis Group and co-founder and former Chief Security Officer of Alphabet moonshot Chronicle, leads the company as its CEO and founder. Wiacek is joined by Jan Kang, former Chief Legal Officer at Chronicle, as COO and General Counsel. Stairwell is backed by Accel Venture Partners, Sequoia Capital, Gradient Ventures, and Allen & Company LLC.
Ubiq Security – What makes Ubiq Security one of the top cybersecurity startups to watch in 2021 is how rapidly their API-based developer platform is maturing while gaining traction in the market. Ubiq Security recently signed commercial agreements with the United States Army and the Department of Homeland Security. This month, the startup announced it had raised $6.4 million in a seed equity investment round. Okapi Venture Capital, an early investor in Crowdstrike, led the round with participation from TenOneTen Ventures, Cove Fund, DLA Piper Venture, Volta Global, and Alexandria Venture Investments. Ubiq will use the funds to accelerate platform development, developer relations, and customer acquisition.
Unit21 – Unit21 helps protect businesses against adversaries through a simple API and dashboard to detect and manage money laundering, fraud, and other sophisticated risks across multiple industries. Former Affirm and Shape Security employees Trisha Kothari and Clarence Chio founded Unit21 in 2018 and work with customers like Intuit, Coinbase, Gusto, and Line to create a powerful & customizable rules engine for risk and compliance teams. Unit21’s highly flexible, customizable, and intelligent cloud-based system provides a configurable engine for transaction monitoring, identity verification, case management, operations management, and analytics and reporting. On October 19th of this year, Unit21 announced a $13 million funding round led by A.Capital Ventures. Additional participation includes investors such as Gradient Ventures (Google’s A.I. venture fund), Core V.C., South Park Commons, Diane Greene (founder of VMWare), William Hockey (founder of Plaid), Chris Britt and Ryan King (founders of Chime), Sumit Agarwal (founder of Shape Security), and Michael Vaughan (former COO of Venmo). Unit21 will use the new capital to grow its product and distribution-focused management team, increase sales and marketing efforts, and sell into new industries.
30% of US and UK remote workers say their organizations don’t require them to use a secure access tool, including VPN, to log into corporate databases and systems, according to Ivanti’s 2021 Secure Consumer Cyber Report.
Plus, 25% of remote workers in the US and UK aren’t required to have specific security software running on their devices to access certain applications while working remotely.
And one in four US remote workers use their work email and passwords to log in to consumer websites and apps.
Cybersecurity gaps have continued to widen during the pandemic. A noteworthy survey by Ivanti illustrates exactly how remote workers are putting organizations at risk and where enterprise security is falling short, making those cybersecurity gaps challenging for CISOs to close. Ivanti’s 2021 Secure Consumer Cyber Report outlines the challenges that cybersecurity and IT teams have faced when securing remote workers in what’s being described as the “Everywhere Workplace.” Based on interviews with more than 2,000 US and UK respondents working from home in November 2020, the survey shows that authentication and endpoint security needs to improve across all devices that employees use.
IT Organizations Need Help Closing Their Cybersecurity Gaps
Of the many lessons learned from 2020, among the most valuable are how virtual workforces need self-diagnosing and self-remediating endpoints, while IT organizations need improved unified endpoint management (UEM) as part of a zero-trust strategy. Bad actors continue to target remote workers’ privileged access credentials to gain access and exfiltrate customer, financial and proprietary data, including intellectual property. Ivanti’s survey provides insights into where cybersecurity gaps need attention first:
The most challenging threat surface to protect is a person’s identity because it’s exposed across so many threat surfaces, including personal and work devices, consumer websites, and IoT devices in homes. The pandemic is proving identities are the new security perimeter. A person’s cell phone, personal tablet, and laptop is a real-time digital definition of a person’s identity. Nearly half (49%) of US remote workers use personal devices for their jobs, often without two-factor authentication enabled. The graphic below shows how organizations can close this cybersecurity gap by adopting UEM as part of their go-forward initiatives in 2021 and beyond:
Lack of consistent security software and password standards is a big contributor to US and UK organizations’ cybersecurity gaps today. One in four remote workers can access enterprise resources without any security software in place. An even more surprising finding is that 30% of remote workers in the US and UK can access corporate data without a secure access tool or VPN connection. If a remote worker’s identity is compromised, there’s a one in three chance that their organization will be breached, enabling cyberattackers to move laterally through the company’s systems:
Protecting remote workers’ identities & devices at scale requires Zero Trust. Automating as many tasks as possible while providing a continuous and seamless user experience is the surest way to close cybersecurity gaps. Getting rid of passwords and automating two-factor authentication using Zero Sign-On (ZSO), a core part of the Ivanti platform, is proving essential today. Zero Sign-On relies on proven biometrics, including Apple’s Face ID, as a secondary authentication factor to gain access to work email, unified communications and collaboration tools, and corporate-shared databases and resources. CISOs and their teams also need to consider how mobile threat defense can better secure personal devices against phishing, device, network, and malicious app threats. Late last year, MobileIron (now part of Ivanti) received its second mention in two years in the Forrester Wave™: Zero Trust eXtended Ecosystem Platform Providers, Q3 2020. The Forrester Wave graphic is shown below:
In conclusion, enterprise cybersecurity gaps are widening due to a combination of risky consumer behavior and a lack of consistent security for mobile workforces. And these gaps will only increase as employees increasingly work from anywhere, using their personal devices to connect to corporate resources. To secure and enable the future of work, organizations need to start implementing and maturing an end-to-end zero trust security model today by leveraging new technologies and protecting their current security technology investments.
The Pharma industry has lost $14 billion through Intellectual Property (IP) cyber theft worldwide, according to the United Kingdom Office of Cyber Security and Information Assurance.
53% of pharmaceutical IP thefts and related breaches are carried out by someone with insider access, also according to the United Kingdom Office of Cyber Security and Information Assurance.
The pharma industry’s average total cost of a data breach is $5.06 million, with one of the highest costs of remediating the breach at $10.81 million across all industries, according to a recent ProofPoint study.
Over 93% of healthcare organizations experienced a data breach in the past three years, and 57% have had more than five data breaches, according to the Cybersecurity Ventures 2020 Healthcare Cybersecurity Report.
Gartner predicts the privileged access management (PAM) market will grow at a compound annual growth rate (CAGR) of 10.7% from 2020 through 2024, reaching $2.9 billion by 2024.
Bottom Line: Having developed COVID-19 vaccines in a fraction of the time it takes to create new treatments, pharmaceutical companies need to protect the priceless IP, supporting data, and supply chains from cyberattacks.
Showing how powerful global collaboration between pharmaceutical industry leaders can be, the world’s leading vaccine producers delivered new vaccines in record time. The IP behind COVID-19 vaccines and their supporting supply chains need state-of-the-art protection comprised of cybersecurity technologies and systems, as the vaccines’ IP is an asset that cyber attackers have already tried to obtain.
Pharmaceutical’s Growing Number of Threat Surfaces Make Cybersecurity a Priority
The report provides specifics about how cyber attackers could impersonate an executive from a Chinese biomedical company known for having end-to-end cold chain expertise, which is essential for delivering vaccines reliably. The cyber attackers conducted spear-phishing attacks against global companies who support the global cold chain needed for distributing vaccines. There were credential harvesting attempts against global organizations in at least six countries known today to access vaccine transport and distribution sensitive information.
Launching a phishing campaign with the goal of harvesting details on key executives and access credentials across the cold chain is just the beginning. According to Lookout’s Pharmaceutical Industry Threat Report, some of the most significant threat surfaces are the most problematic today, including the following:
Research & Development & Clinical Trials
Collaborative research teams across pharmaceutical manufacturers globally
Scientists creating initial compounds and completing primary research to define a vaccine.
Integration of study sites at the test device and reporting system level
Manufacturing and Distribution
Plant workers’ systems, including tablets with build instructions on them
Physician & Pharmacist Networks
Distribution Channels and their supporting IT systems
Cyber attackers are taking a more synchronized, multifaceted approach to attacking Covid-19 supply chains, reiterated in CISA’s report. There’s evidence that state-sponsored cyber attackers attempt to move laterally through networks and remain there in stealth, allowing them to conduct cyber espionage and collect additional confidential information from victim environments for future operations. Cyber attackers are initially focused on phishing, followed by malware distribution, registration of new Covid-specific domain names, and always looking for unprotected threat surfaces.
10 Ways Cybersecurity Can Protect COVID-19 Vaccine Supply Chains
By combining multiple cybersecurity best practices and strategies, pharmaceutical companies stand a better chance of protecting their valuable IP and vaccines. Presented below are ten ways the pharmaceutical industry needs to protect the COVID-19 vaccine supply chain today:
Prioritize Privileged Access Management (PAM) across the vaccine supply chain, ensuring least privilege access to sensitive data starting with IP. CISA’s note finds that there have been multiple attempts at capturing privileged credentials, which often have broad access privileges and are frequently left standing open. PAM is needed immediately to institute greater controls around these privileged accounts across the supply chain and only grant just enough just-in-time access to sensitive IP, shipping and logistics data, vaccination schedules, and more. Leaders include Centrify, which is noteworthy for cloud-based PAM implementations at the enterprise and supply chain levels. Additional vendors in this area include BeyondTrust, CyberArk, Ivanti, Thycotic, Ping Identity, and Senhasegura.
Assess every supplier’s security readiness in vaccine supply chains, defining minimum levels of compliance to security standards that include a single, unified security model across all companies. In creating a secured vaccine supply chain, it’s imperative to have every supplier network member on the same security model. Taking this step ensures accountability, greater clarity of roles and responsibilities, and a common definition of privileged roles and access privileges. Leaders in this area include BeyondTrust, Centrify, CyberArk, Ivanti, and Thycotic.
Taking a Zero Trust-based approach to secure every endpoint across the vaccine manufacturer’s R&D, Clinical Trials, Manufacturing, and Distribution networks is necessary to shut down cyber attackers taking advantage of legacy security weaknesses approaches. The pharmaceutical companies and myriad logistics providers see a much faster than the expected proliferation of endpoints today. Trusted and untrusted domains from legacy server operating systems are a time sink when it comes to securing endpoints – and proving unreliable despite the best efforts that Security Operations teams are putting into them. Worst of all, they leave vaccine supply chains vulnerable because they often take an outdated “trust but verify” cybersecurity approach. Leaders include Illumio, Ivanti (MobileIron), Cisco, Appgate, Palo Alto Networks, and Akamai Technologies.
Extend the Zero Trust framework across the entire supply chain by implementing microsegmentation and endpoint security requirements across all phases of the vaccine’s development cycles. This will ensure cyber attackers don’t have the opportunity to embed code to activate later. The goal is to push Zero Trust principles to all related processes integrating with the vaccines’ pipeline, including all dependencies across the entire development lifecycle.
Incorporating Multi-Factor Authentication (MFA) across every system in the vaccine supply chain is a given. Usernames and passwords alone are not enough, and MFA is low-hanging fruit to authenticate authorized users. MFA is based on two or more factors that can authenticate who you are based on something you know (passwords, PINs, code works), something you have (a smartphone, tokens devices that produce pins or pre-defined pins), or something you are (biometrics, facial recognition, fingerprints, iris, and face scans). For example, Google provides MFA as part of their account management to every account holder and has a thorough security check-up, which is useful for seeing how many times a given password has been reused.
Alleviate the conflicts of who will pay for increasing cybersecurity measures by making supplier-level security a separate line item in any CISOs and CIO’s budget. Today certain pharma supply chain CISOs are expected to ramp up cybersecurity programs with the same budget before Covid-19. While there are slight increases in cybersecurity budget levels, it’s often not enough to cover the higher costs of securing a broader scope of supply chain operations. CISOs need to have greater control over cybersecurity budgets to protect vaccine IP and distribution. Relying on traditional IT budgets controlled by CIOs isn’t working. There needs to be a new level of financial commitment to securing vaccine supply chains.
Consider using an AIOps platform adept at unifying diverse IT environments into a single, cohesive AI-based intelligence system that can identify anomalous network behavior in real-time and take action to avert breaches. Based on conversations with CIOs across the financial services industry, it is clear they’re leaning in the direction of AIOps platforms that provide real-time integration to cloud platforms combined with greater control over IT infrastructure. LogicMonitor’s prioritizing IT integration as a core strength of their platform shows, as they have over 2,000 integrations available out of the box. Relying on Collectors’ agentless system, LogicMonitor retrieves metrics such as cloud provider health and billing information. This collector then pulls metrics from different devices using various methods, including SNMP, WMI, perf Mon JMX, APIs, and scripts.
Unified Endpoint Security (UES) needs to become a standard across all vaccine supply chains now. Vendors who can rapidly process large amounts of data to detect previously unknown threats are needed today to stop cyberattacks from capturing IP, shipment data, and valuable logistics information. Absolute Software’s approach to leveraging its unique persistence, resilience, and intelligence capabilities is worth watching. Their approach delivers unified endpoint security by relying on their Endpoint Resilience platform, which includes a permanent digital tether to every enterprise’s endpoint. Absolute is enabling self-healing, greater visibility, and control by having an undeletable digital thread to every device. Based on conversations with their customers in Education and Healthcare, Absolute’s unique approach gives IT complete visibility into where every device is at all times and what each device configuration looks like in real-time.
Pharma supply chains need to have a strategy for achieving more consistent Unified Endpoint Management (UEM) across every device and threat surface of the vaccine supply chain. UEM’s many benefits, including streamlining continuous OS updates across multiple mobile platforms, enabling device management regardless of the connection, and having an architecture capable of supporting a wide range of devices and operating systems. Another major benefit enterprises mention is automating Internet-based patching, policy, configuration management. Ivanti is the global market leader in UEM, and their recent acquisition of Cherwell expands the reach of their Neurons platform, providing service and asset management from IT to lines of business and from every endpoint to the IoT edge. Neurons are Ivanti’s AI-based hyper-automation platform that connects Unified Endpoint Management, Security, and Enterprise Service Management. Ivanti is prioritizing its customers’ needs to autonomously self-heal and self-secure devices and self-service end-users.
Track-and-traceability is essential in any vaccine supply chain, making the idea of cyber-physical passports that include serialization for vaccine batches more realistic given how complex supply chains are today. Passports are an advanced labeling technology that provides the benefits of virtual tracking, verification of specific compounds, and yield rates of key materials. Serialization is a must-have for ensuring greater traceability across vaccine supply chains proving effective in stopping counterfeiting. Having digital passports traceable electronically can further help thwart cyber attackers.
By closing the cybersecurity gaps in vaccine supply chains, the world’s nations can find new, leaner, more efficient processes to distribute vaccines and protect their citizens. It’s evident from the results achieved so far in the U.S. alone that relying on traditional supply chains and means of distribution isn’t getting the job done fast enough, and cyber attackers are already looking to take advantage. By combining multiple cybersecurity tactics, techniques, and procedures, the vaccine supply chain stands to improve and be more secure from threats.
Bottom Line: Bad actors quickly capitalize on the wide gaps in machine identity security, creating one of the most breachable threat surfaces today.
Why Machines Are the Most Challenging Threat Surface To Protect
Forrester’s recent webinar on the topic, How To Secure And Govern Non-Human Identities, estimates that machine identities (including bots, robots and IoT) are growing twice as fast as human identities on organizational networks. Forrester defines machine, or non-human, identities as robotic process automation (bots), robots (industrial, enterprise, medical, military) and IoT devices.
The webinar points out that one of the fastest-growing automation types is software bots, with 36% used in finance and accounting, 15% used in business line and 15% in IT. The webinar also points out that in 2019, there were 2.25 million robots in the global workforce, twice as many as in 2010 and 32% of global infrastructure decision-makers expect their firms to use robotic process automation (RPA) over the next 12 months.
According to the Forrester Consulting white paper, Securing The Enterprise With Machine Identity Protection, over 50% of organizations find it challenging to protect their machine identities today. Unprotected machine identities are making it easy for bad actors to take control of entire networks of devices. Bad actors rely on organizations’ bots to provide the cover they need to attack networks and devices, often undetected for months or years.
Forrester found that machine identities are left exposed to bad actors because organizations aren’t adopting the tools they need to create and manage a centralized Identity Access Management (IAM) strategy across all machines. This includes defining and enforcing policies, auditing each machine and endpoint and better integrating support across machines and monitoring systems.
Furthermore, by adopting a more modern Privileged Identity Management (PIM) approach, organizations could solve many of these challenges. Leading PIM solutions providers include Centrify, which has succeeded in adapting to the ephemeral nature of securing machine identities by delivering machine identity and credential authentication based on a centralized trust model.
The Forrester report’s bottom line is that machines are isolated, exposed and more vulnerable than any other endpoint on a network. The following graphic compares protection strategies and finds a majority of organizations struggling to deliver them:
Machine Identities Are Networks’ Weakest Security Link
According to a Venafi study, machine identity attacks grew 400% between 2018 and 2019, increasing by over 700% between 2014 and 2019. Malware capable of compromising machine identities continues to gain momentum, doubling between 2018 and 2019 and growing 300% over the five years leading up to 2019. According to Kount’s 2020 Bot Landscape and Impact Report, 81% of enterprises are regularly dealing with malicious bots today and one in four say a single bot attack has cost them $500,000 or more. Furthermore, many organizations may not realize how many bots and machine identities they have – and bad actors capable of creating hundreds using automated scripting tools.
Forrester provided the following data points underscoring how vulnerable machines are to botnet and identity-based attacks today:
The 2017 Mirai botnet attack is a cautionary tale of the dangers of using default security credentials on machines and IoT devices. Using botnets to automate scans of vast blocks of IP addresses for potential telnet ports to log into, the Mirai botnets were programmed to rapidly try a series of basic usernames and passwords to gain access to IoT devices and machines. The Mirai botnets were successful, gaining control of thousands of machines and orchestrating them to deliver one of the largest DDOS attacks in history.
It’s common for enterprises to lose track of how many bots they’ve created, giving malicious actors the perfect cover to mask their movements. Instead of creating their bots, malicious actors look to disguise their movements across a network with a company’s bots. Forrester’s webinar mentioned how a large North American insurance provider deployed 400 software bots for customer-facing digital chatbots and processing claims, among other tasks.
There’s often no oversight of who has the rights to create and launch bots internally, leading to potentially thousands of bots without secured identities. One of the most troubling findings presented during the webinar is how loose the process is to create a bot – with no checks and balances in place or means of achieving consistent identity management.
How To Strengthen Machine Security
The more challenging any machine threat surface is to protect, the more opportunity it provides bad actors to breach them. A good place to start is by clarifying who owns keeping Transport Layer Security (TLS) and previous-generation Secured-Sockets Layer (SSL) client and server certificates, code signing certificates, Secure Shell (SSH) host and cryptographic keys so they are kept up to date. Letting those fall through the cracks will leave thousands of machines exposed and exploitable on networks.
Prioritizing machine identities and securing machine credentials is a must-have in 2021, as botnet attacks are quickly increasing due to bad actors’ being able to spin up thousands of them in days. The following are key steps to get started:
Taking a Zero Trust approach to managing every machine identity authentication on a network now could save thousands of hours and dollars in the future. Taking a least privilege access approach to managing machines now will pay off in the future, as the workloads of machines and non-human entities continue to grow more complex. The Forrester webinar expands on this point by explaining how new, more complex inter-machine relationships are evolving quicker than legacy approaches to endpoint governance and security can keep up.
Privileged access controls need to be more adaptive, secure and scalable than many organizations’ static-based approaches to securing machines are today. Forrester recommends replacing long-standing hardcoded credentials with session-based ones assigned via API calls from a vault. Machines are being used 24/7 and have access patterns completely different from humans using the network, making dynamically-assigned, ephemeral credentials even more important to protect a network. Privileged Identity Management (PIM) proves effective at providing privileged access controls for machine identities, with Forrester mentioning Centrify, HashiCorp and others as leaders in this area. Centrify’s approach is noteworthy in enrolling machines with its platform via a client to establish a trust relationship, so applications running on that machine can also be authenticated using a short-lived, scoped token.
Monitoring more machines on a network often leads to a transition from legacy to integrated log monitoring systems that can capture, analyze and report anomalous activity across a network. Log Monitoring systems are proving invaluable in identifying machine endpoint configuration and performance anomalies in real-time. AIOps is proving effective in identifying anomalies and performance event correlations in real-time, contributing to greater business continuity. One of the leaders in this area is LogicMonitor, whose AIOps-enabled infrastructure monitoring and observability platform have proven successful in troubleshooting infrastructure problems and ensuring business continuity.
Perform periodic audits to track all bots and machines in use across an organization, using Microsoft Active Directory to inventory and manage all of them. One of the most valuable take-aways from the Forrester webinar is the need to manage machine identities and their credentials centrally. Forrester mentions Microsoft Active Directory as one option. The companies providing services in this area include Centrify, which pioneered Active Directory bridging to authenticate human and machine identities based on a centralized model from a single identity repository.
Machines, or as Forrester calls them in their webinar, non-human identities require more precise, adaptive and ephemeral identity structures and access controls. CISOs and CIOs need to take greater ownership of machine identity authentication and provide Identity Access Management (IAM) and Privileged Access Management (PAM) down to the bot and non-human identity level. With the exponential growth of malicious bots tracking machine identities, now is the time to place machine identities among the highest priority of any cybersecurity strategy in 2021.
Bottom Line: Cybersecurity CEOs’ lessons learned from navigating the pandemic provide a valuable framework for leading and growing a business through anxious, uncertain times.
How each cybersecurity CEO responds to the challenges of keeping employees safe, customers secure and product release cycles on schedule while still achieving customer success – all virtually – provide valuable insights into leading a company during difficult times. Simon Biddiscombe, former CEO of MobileIron (acquired by Ivanti), exemplifies the empathy all CEOs interviewed have for their employees’ welfare. “My first priority when the pandemic hit was to protect the health and safety of our employees, yet still maintain an “always-on business” for our customers,” Simon mentioned during a recent interview.
What made leading during the pandemic even more difficult was the exponentially increasing number of breaches and cyberattacks their customers are experiencing. McAfee Labs Covid-19 Threats Report found a 630% increase in cloud services cyberattacks between January and April of this year alone. The FBI estimates cyberattacks are up 400% due to the pandemic. As DevOps teams fast-track new features and releases, CEOs keep their virtual organizations cohesive and focused on the same goals.
The following cybersecurity CEOs provide their most valuable lessons learned leading through the pandemic:
Christy Wyatt, CEO of Absolute Software
Absolute is a leader in Endpoint Resilience solutions and the industry’s only undeletable defense platform embedded in over a half-billion devices. Enabling a permanent digital tether between the endpoint and the enterprise who distributed it, Absolute provides IT and Security organizations with always-connected visibility and Self-Healing Endpoint security.
“What are the most valuable lessons learned leading through a pandemic?”
There was a clear moment for us where we said, “What is our objective? What is the best response to this?” And the phrase that came out was, “How can we help?” We knew our primary focus needed to be helping our customers solve a massive problem, instead of monetizing this opportunity. Making this decision to come together as a mission-driven organization… that was so incredibly powerful.
Even as life was changing drastically between breakfast and dinner every single day and employees were navigating their own work-from-home journeys and trying to care for their families, what we heard was that this ability to contribute was the thing that they were hanging onto. They were able to say, “Listen, I’m getting up every morning and I’m helping organizations with something that’s really scary and unfamiliar.” And, they did remarkable things… these teams put themselves through so much to help our customers stand up remote work and learning environments essentially overnight.
I always say you don’t win the race when you’re in the race. It’s the training and the practice, and the talking,and the drills and the teamwork… which we had been working on long before the pandemic hit. So I think my biggest takeaway is that if you put in the training upfront and you focus on doing the right things, the right things will happen. And you really can achieve more than you thought you could.
Flint Brenton – President and CEO of Centrify
Centrify is redefining the legacy approach to Privileged Access Management by delivering multi-cloud-architected Identity-Centric PAM to enable digital transformation at scale. Centrify Identity-Centric PAM establishes trust and then grants least privilege access just-in-time based on verifying who is requesting access, the context of the request and the risk of the access environment. Centrify centralizes and orchestrates fragmented identities, improves audit and compliance visibility and reduces risk, complexity and costs for the modern, hybrid enterprise.
“What are the most valuable lessons learned leading through a pandemic?”
“Our customers and the people they serve are all going through rapid change. When you look at the concept of digital transformation, a lot of companies were struggling with that before the pandemic. Now we know that we can’t live without it. The role of the developer is more important than ever and they are driving innovation in a very different environment than they’ve ever experienced.
One of the most valuable lessons I’ve learned during the pandemic is that no matter what the obstacles are, people need connection. For a company like Centrify, that means we need to be connected to our customers intellectually, strategically, virtually and – eventually – physically.
An example of this was very clear recently, as we engaged in discussions with one of the world’s largest financial institutions to replace their existing password vaulting solution. They have a vision for where they want to be, how they are going to get there and how they are going to secure that transformation. But they need the right partner who not only has the technology capabilities and architecture for a cloud-focused, DevOps-drive, digitally-enabled enterprise, but also to understand their vision and be invested in their success.
So the CIO asked me to personally track the rollout of our product against their product enablement success and he was very interested in how our vision of Privileged Access Management will converge with cloud security, DevOps and other modern technologies and empower their vision and plan. Ultimately, he wanted connectedness. He wants a personal relationship built on understanding, honesty and accountability, even if that relationship can’t be forged and nurtured over a dinner or meeting in a conference room.
That’s the biggest lesson I’ve learned leading this year: that customers, employees, partners and peers want to be connected any way possible, even if they can’t do so in close physical proximity yet.”
Steve Havas, CEO of Evernym
Evernym is a pioneer in the field of verifiable credential technology, which gives individuals control over their digital identity and organizations the ability to trust and verify their data. Evernym builds and deploys self-sovereign identity solutions, with the technology and go-to-market resources powering the largest implementations of digital credentials in production.
“What are the most valuable lessons learned leading through a pandemic?”
The pandemic has been, to say the least, impactful on society and our business. The market changes have required ruthless listening to customer needs and absolute focus on delivering what’s needed today.
We’ve all anticipated a gradual convergence of the digital and physical worlds, but that timeline has been accelerated by the sudden rise in remote work/education and contactless identity verification. We’re fortunate that this is the future we’ve been building toward, although we would have never imagined many of the COVID-19 credential use cases that are now mission-critical for our customers. It’s certainly been a lesson in adaptability and prioritization.
Benji Markoff, CEO of Founder Shield
About Founder Shield
Founder Shield is a tech-enabled insurance brokerage, focusing on rapidly growing businesses that operate in emerging industries. As a broker, we have a unique perspective of protecting our clients against cyber threats and guiding them to recovery should their fall victim. We work with forward-thinking insurers using proprietary cyber risk management tools, while also offering the most innovative insurance coverage possible.
“What are the most valuable lessons learned leading through a pandemic?”
People say that fortunes are won and lost in times like these and it certainly appears that hackers & social engineering fraudsters have gotten that memo. Over the past 6 months, we’ve seen an increase in both hacking and social engineering attacks on clients of all shape and size $5M Revenue to $500M revenue. The reports suggest that working from home has only increased vulnerabilities of company networks (or lack thereof as employees use home networks) and the ability to induce fraudulent payments from employees who might not be able to lean over to a coworker to fact check a fishy invoice. The valuable lesson? Do a cyber audit and make sure you’re training your team on spotting social engineering and phishing scams.
Anand S – CEO at Gramener: Insights as Data Stories
About Gramener: Insights as Data Stories
Gramener is a data science company that helps solve complex business problems with compelling data stories using insights and a low-code analytics platform. We help enterprises large and small with data insights and storytelling by leveraging Machine Learning, Artificial Intelligence, Automated Analysis and Visual Intelligence using modern charts and narratives (NLG). Our Gramex platform is a low-code framework to rapidly build engaging data solutions across multiple business verticals and use cases. Our products have empowered CXOs, Chief Data Officers, Scientists, Business Analysts and others save millions of dollars by making an impact on revenue and decision making. Gramener was founded in 2010 and has over 325+ clients worldwide, 200+ employees and 5 offices globally including the United States and Singapore.
“What are the most valuable lessons learned leading through a pandemic?”
As an SMB we leaned more towards cost optimization over premium cybersecurity tools and services, resulting in ring-fencing our office infrastructure more. Due to COVID-19, when we moved 100% remote, our cybersecurity controls fell short to defend us against external threats. We had to extend the security protocols like moving all work to Virtual Desktop Infrastructure (VDI), strengthen VPN tunnel security, implement 2FA for all logins, opt for more security services from our Cloud service provider.
We accelerated digitization across operations and increased spending in Cloud security and production application security. We are revisiting our current approach and playbooks for cybersecurity.
– We are evaluating the current 3rd party service providers offering and reevaluating if they still have same level security controls in place at their end
We are conducting an accelerated implementation of Data Security protocols across the organization and not just on client specific projects. This includes updates to Information Security Policy around Data classification, Data tracking and protection.
With 100% remote operations, we are moving to VDI for all production and critical services. This means access to all data is through dedicated VPN Tunnels only. This is to mitigate any exposure to data from folks working at home.
– Our Virtual Desktop Infrastructure allows our IT teams to protect client sensitive data to a restricted cloud environment. All the tools and 3rd party cloud services required by our team members to perform their tasks are provided in the VDI. No data can be extracted or moved from VDI instances.
– All internal company data around operations, team members, Intellectual Property are a prime target for cyberattacks and ransomware. We have moved to a secure VPN tunnel architecture for all our team members to access company internal systems. Earlier this was restricted to a small group of functions. By mandating access via secure VPN tunnel our IT team has centralized visibility of all traffic across the network and can intervene quickly against any potential threats.
We are mandating 2FA. Earlier employee convenience led to not mandating 2FA for all our services. Now 2FA has been made mandatory across all services.
In order to optimize costs, we are consolidating tools used in the organization to identify overlapping functionalities and getting rid of those which are no longer required.
Apu Pavithran, founder and CEO of Hexnode
Hexnode MDM is the award-winning Unified Endpoint Management platform from Mitsogo Inc. The company has been helping organizations in over 100 countries to stay agile and competitive in an increasingly mobile world. Mitsogo Inc. is a leading provider of Endpoint Management and security solutions. From SMBs to Fortune 500s, enterprises of all sizes have leveraged Mitsogo’s prowess in device management to drive business productivity and compliance. Mitsogo’s solutions adapt to the most complex of business environments.
“What are the most valuable lessons learned leading through a pandemic?”
Navigate the path, trust your crew
Being a CEO, as lucrative as it may seem has its own little big challenges, for example, they don’t tell you that there are no off days. There are always thousands of choices to be made and tons of pathways to be chosen, but the absolute worst thing comes when we face an uncertainty that was never on the radar.
And when the pandemic hit, the team needed support more than ever, I had to switch through the roles of commander in chief, therapist, cheerleader and even at times a babysitter. After all, you have to be the rock for your employees, or else it shows. But fortunately, I was so lucky to be surrounded by like-minded people who are as passionate as the founder about our business and customers.
We had to establish a fully remote work landscape and it was not what we would have expected, it was at a time when everyone was very insecure about COVID-19. People were worried about their safety, the safety of their families and work started to slip into second gear, some of us were even having mental breakdowns. It was time to be the person that the team could look up to.
“Customer is king”, is a tired old saying but that is what Hexnode live by, we had a commitment towards our clients, so we had to provide uninterrupted service for them rain or shine. So, we made a decision that would be deemed “mad “from a financial standpoint.
We rented out hotel rooms and made guesthouses for each of our employees around the globe and ran security and screening protocols equivalent to that of hospitals. Soon the stress levels were back to normal and the team started to enjoy the atmosphere. Productivity became better than pre-COVID levels.
As a leader, your team should be able to trust that you’re going to do everything in your power to navigate them through this tough time. The greatest asset for every business is said to be “finding the right staff”, but I would say it is “how you create the right staff”. The most valuable lesson l learned during this pandemic is “When the crew is great you just have to navigate, they will pull through all the tides and storms coming your way. They always do”.
Brad Wiskirchen, CEO, Kount
Kount’s Identity Trust Global Network delivers real-time fraud prevention and account protection and enables personalized customer experiences for more than 9,000 leading brands and payment providers. Linked by Kount’s award-winning AI, the Identity Trust Global Network analyzes signals from 32 billion annual interactions to personalize user experiences across the spectrum of trust—from frictionless experiences to blocking fraud. Quick and accurate identity trust decisions deliver safe payment, account creation and login events while reducing digital fraud, chargebacks, false positives and manual reviews.
“What are the most valuable lessons learned leading through a pandemic?”
Open, honest, fearless communication. The Kount team has lived by this motto for more than a decade and never before has it been more tested and more relevant than in navigating the events of 2020. From moving our entire team to remote work to quickly pivoting to help our eCommerce businesses handle dramatic changes in transaction volume, it’s essential that our team communicate at the highest levels. As the impacts of the pandemic are often deeply personal, open, honest, fearless communication has empowered us to balance individual needs, customer needs and company needs while uniting us in our mission to do whatever it takes to stop digital fraud for our customers.
Simon Biddiscombe, former CEO of MobileIron (acquired by Ivanti)
MobileIron is redefining enterprise security with the industry’s first mobile-centric security platform for the Everywhere Enterprise. MobileIron’s platform combines award-winning and industry-leading unified endpoint management (UEM) capabilities with passwordless MFA (Zero Sign-On) and mobile threat defense (MTD) to validate the device, establish user context, verify the network and detect and remediate threats to ensure that only authorized users, devices, apps and services can access business resources in a “work from everywhere” world.
“What are the most valuable lessons learned leading through a pandemic?”
As a leader during a pandemic, you must go above and beyond to provide your employees and customers with world-class service and support. My first priority when the pandemic hit was to protect the health and safety of our employees, yet still maintain an “always on business” for our customers. At MobileIron, we quickly enabled our employees around the world to work remotely. We also made it as easy as possible for our customers to issue more corporate-owned devices or enable a BYOD program to keep their employees secure and connected – whether they were working on the frontlines or at home. And we continued to innovate to meet the changing security needs of our customers and communities.
Overall, the pandemic has crammed years’ worth of change into a few short months and it will have long-lasting effects on how, when and where we work in the future. Work in the future will be very different to work in the past, which will present leaders with some challenges. However, it will also offer some significant opportunities to overhaul working practices and support employees who work from home with better collaboration and more intuitive access. The “Everywhere Enterprise” is not a passing phase, it’s the current reality and will continue to grow and expand as workers find new ways to be productive from anywhere.
Ward Osborne, CEO of Osborne Global Security
About Osborne Global Security
Osborne Global Security is a new player in the security space. They are challenging the stereotypes that come to mind when you originally think of security and replacing them with the ideas of trust, care and a shift in general security culture. This is a fascinating company to watch in the future.
“What are the most valuable lessons learned leading through a pandemic?”
As CISO’s for multiple companies through this pandemic, we have seen so much shift and change. There’s been borderline chaos in many companies – and chaos ALWAYS brings opportunity. For our clients, the ones we’ve worked with and developed mature, risk and capabilities based models for just this situation, they are thriving.
It’s interesting to see the world adapt to a virtual delivery model which we’ve been creating, living, evangelizing for 25 years. Our clients who may not have had the time or prioritization to develop those models and capabilities have taken a hit, but we continue to do what we do, which is develop and provide resilience and growth to our customers.
In a virtual and distributed world, Trust becomes a major factor in every conversation. If a customer can’t Trust that we are there to solve problems when things get tough, then they aren’t able to operate effectively knowing that someone has their back.
Our world has become physically disconnected, but the people and companies that deal with that challenge in a proactive and positive way will always thrive. We are here. Growing our tribe. Doing the next right thing and leading customers to success in the midst of all of this chaos and challenge.
Rodrigo Tumaián, CEO and Co-Founder of Prometeo
Prometeo provides a single point of access to banking information, transactions and payments across multiple financial institutions in Latam. Inspired by PSD2 and with high security standards, Prometeo brings easy plug & play access to open banking, the future of financial services. Currently, Prometeo is connected with more than 30 financial institutions across 9 countries of Latam (including México & Brazil) and provides access to more than 45 APIs.
“What are the most valuable lessons learned leading through a pandemic?”
Prometeo was born with a very strong focus on cyber-security, so the pandemic had no effect on our operation. Our company grew up with the foundation of mobility and work flexibility, this forced us from the beginning to think about the best way to transmit data and protect mobile assets. So when the pandemic arrived, we were already providing remote access (VPN) to all our employees, limiting access by profile. We were already using two-factor authentication to access our services. We already had user nomination and record of the operations generated by our employees on our assets. I think if I had to mention what was the most valuable thing we learned from the pandemic, it’s that the direction we took from the beginning was worth it. We didn’t have to deal with operational issues to handle the high demand for digital products from customers, we just did it. So the pandemic for us strengthened another of our fundamental values, not to make security to be compliance, but to make integral security, both within our company and for our customers.
Jean Le Bouthillier, CEO of Qohash
Qohash delivers advanced data classification and monitoring capabilities to protect your personal, health, corporate and financial data using transformational technologies such as machine learning and analytics.
“What are the most valuable lessons learned leading through a pandemic?”
2020 has accelerated digital transformation efforts and highlighted the need for advanced, lightweight data security capabilities. With enterprise employees working increasingly remote, data is flowing faster and in previously unimagined ways. Businesses realize that to keep up with the demands of clients and a digital workforce, data risk models need an update or risk jeopardizing the enterprise.
Qohash clients recognize that the employee Risk Score, a quantifiable measure of trust, mitigates the impact both of bad actors as well as busy, distracted employees.
Remote, digital work will be a part of enterprise operations for the foreseeable future. Organizations need to enable governance risk and compliance teams to better support this transition to Work From Anywhere [WFA] models where talent and business thrive.
Jean-Paul Smets, Founder and CEO RapidSpace
Rapid.Space is a cloud provider whose “approach is based exclusively on the use of free, fully auditable and reversible software, hardware and management procedures under open licenses. Thanks to a network of 228 points of presence, Rapid.Space has global presence including in mainland China. It covers similar features as the most sophisticated public cloud provider and introduces exclusive innovations such as industrial edge computing and private 4G/5G vRAN.
“What are the most valuable lessons learned leading through a pandemic?”
“Rapid.Space learned during the pandemic how to formalize its management procedures and remotely setup points of presence. Thanks to Augmented Reality and smart glasses, Rapid.Space team in Europe and Americas could setup remotely its points of presence in mainland China and Taiwan without having to travel by air plane”.
Software companies continue to deliver the highest growth rates for the 25th straight year, representing 71% of the entire list, the highest-ever percentage in the history of the rankings.
353 of the 500 fastest-growing companies in North America are in the software industry according to Deloitte’s 2020 Tech Fast 500, the most ever in the history of their rankings and a 3% increase over last year.
Two of the ten fastest-growing companies over the last three years specialize in cybersecurity, OneTrust and Transmit Security.
Notable software companies ranked in Deloitte’s 2020 Tech Fast 500 include Bolt, Illumio, LogicMonitor and Seeq.
Biotechnology/pharmaceutical companies are the second most prevalent sector, comprising 14% of all companies, followed by digital content/media/entertainment (5%) and medical devices (4%).
It’s fascinating to look at the emerging trends in Deloitte’s 2020 North America Technology Fast 500 Rankings as leading predictors of innovation. This year’s report is a quick read and provides a glimpse into the fastest-growing companies between 2016 and 2019. Deloitte chooses Technology Fast 500 awardees based on percentage fiscal year revenue growth from 2016 to 2019. Overall, the 2020 Technology Fast 500 companies achieved revenue growth ranging from 175% to 106,508% over the three-year time frame, with a median growth rate of 450%.
Key insights from the rankings include the following:
Five of the top ten winners are software companies, includingBranch Metrics, OneTrust, Transmit Security, Drift and CharterUP. It’s noteworthy that cybersecurity is well-represented in the top ten fastest-growing companies between 2016 and 2019. OneTrust and Transmit Security is in the top five fastest-growing companies between 2016 and 2019, accentuating how critical cybersecurity is becoming in all businesses. The following graphic lists the top ten Deloitte 2020 North America Technology Fast 500 winners.
Digital platform and enterprise infrastructure & productivity dominate software companies are dominating software sub-sectors with 56% of all companies. Deloitte’s ranking reflects the increasing urgency all organizations have to launch, scale and excel at new digital selling channels. The pandemic accelerated the urgency faster than the most compelling business case ever could. Having over 50% of all software companies in these categories quantifies the cloud as the platform of choice across enterprises.
Electronic devices/hardware, energy tech and software & SaaS are the three sectors generating the fastest growing businesses over the last three years. Edge computing and the quick pace of innovation in intelligent sensor development and adoption for the Internet of Things (IoT) and Industrial Internet of Things (IIoT) use cases are catalysts driving the 683% growth rate. Sustainability’s bottom-line benefits, including its positive impact on lean manufacturing, help drive to 525% growth rate in energy tech. Software and SaaS median growth rate of 465% shows enterprise software’s evolution is nascent and just getting started.
Cybersecurity professionals with cloud security skills can gain a $15,025 salary premium by capitalizing on strong market demand for their skills in 2021.
DevOps and Application Development Security professionals can expect to earn a $12,266 salary premium based on their unique, in-demand skills.
413,687 job postings for Health Information Security professionals were posted between October 2019 to September 2020, leading all skill areas in demand.
Cybersecurity’s fastest-growing skill areas reflect the high priority organizations place on building secure digital infrastructures that can scale. Application Development Security and Cloud Security are far and away from the fastest-growing skill areas in cybersecurity, with projected 5-year growth of 164% and 115%, respectively. This underscores the shift from retroactive security strategies to proactive security strategies. According to The U.S. Bureau of Labor Statistics’ Information Security Analyst’s Outlook, cybersecurity jobs are among the fastest-growing career areas nationally. The BLS predicts cybersecurity jobs will grow 31% through 2029, over seven times faster than the national average job growth of 4%.
Key takeaways from their analysis include the following:
Cloud Security skills are the most lucrative of all, predicted to deliver a $15,008 salary boost in 2021. Demand for specific Cloud Security skills is far outpacing the broader demand for cybersecurity skills in the labor market. Burning Glass predicts the fastest-growing skills over the next five years include Azure Security (+164%), Cloud Security Infrastructure (+144%), Google Cloud Security (+135%), Public Cloud Security (+121%), Cloud Security Architecture (+103%). There are 19,477 positions available for cybersecurity professionals with Cloud Security skills.
The fastest-growing cybersecurity skill is Application Development Security, predicted to see a 164% increase in available positions over five years. Cybersecurity professionals with Application Development Security, DevSecOps, Container Security, Microservices Security, Application Security Code Review are predicted to see an average $12,266 salary boost starting next year given the strong marketability of their skills. Like Cloud Security, market demand for Application Development Security professionals’ skillsets far outpaces average cybersecirty jobs growth over five years.
Knowing where the most cybersecurity job postings are by metro area and state provides job seekers with the insights they need to narrow their job search. Cyberseek partnered with Burning Glass to create an interactive U.S.-based heat map that shows cybersecurity positions by state or metro area. The heat map can be configured to show total job openings, supply of workers, supply/demand ratio,and location quotients. You can access the heat map here.
73% of enterprises (over 500 employees) accelerated their cloud migration plans to support the shift to remote working across their organizations due to the pandemic.
81% of enterprises accelerated their IT modernization processes due to the pandemic.
48% of all companies surveyed have accelerated their cloud migration plans, 49% have sped up their IT modernization plans because of Covid-19.
32% of large-scale enterprises, over 500 employees, are implementing more automation using artificial intelligence-based tools this year.
These and many other insights are from a recent survey of IT leaders completed by CensusWide and sponsored by Centrify. The survey’s objectives on understanding how the dynamics of IT investments, operations and spending have shifted over the last six months. The study finds that the larger the enterprise, the more important it is to secure remote access to critical infrastructure to IT admin teams. Remote access and updating privacy policies and notices are two of the highest priorities for mid-size organizations to enterprises today. The methodology is based on interviews with 215 IT leaders located in the U.S.
Key insights from the survey include the following:
The overwhelming majority of enterprises have transformed their cybersecurity approach over the last six months, with 83% of large-scale enterprises leading all organizations. It’s encouraging to see small and medium-sized businesses adjusting and improving their approach to cybersecurity. Reflecting how digitally-driven many small and medium businesses are, cybersecurity adjustments begin in organizations with 10 to 49 employees. 60% adjusted their cloud security postures as a result of distributed workforces.
48% of all organizations had to accelerate cloud migration due to the pandemic, with larger enterprises leading the way. Enterprises with over 500 employees are the most likely to accelerate cloud migration plans due to the pandemic. 73.5% of enterprises with more than 500 employees accelerated cloud migration plans to support their employees’ remote working arrangements, leading all organization categories. This finding reflects how cloud-first the largest enterprises have become this year. It’s also consistent with many other surveys completed in 2020, reflecting how much the cloud has solidly won the enterprise.
49% of all organizations and 81% of large-scale enterprises had to accelerate their IT modernization process due to the pandemic. For the largest enterprises, IT modernization equates to digitizing more processes using cloud-native services (59%), maintaining flexibility and security for a partially remote workforce (57%) and revisiting and adjusting their cybersecurity stacks (40%).
51% of enterprises with 500 employees or more are making remote, secure access their highest internal priority. In contrast, 27% of all organizations’ IT leaders say that providing secure, granular access to IT admin teams, outsourced IT and third-party vendors is a leading priority. The larger the enterprise, the more important remote access becomes. The survey also found organizations with 250 – 500 employees are most likely to purchase specific cybersecurity tools and applications to meet compliance requirements.
Conclusion & Wrap-Up
IT leaders are quickly using the lessons learned from the pandemic as a crucible to strengthen cloud transformation and IT modernization strategies. One of every three IT leaders interviewed, 34%, say their budgets have increased during the pandemic. In large-scale enterprises with over 500 employees, 59% of IT leaders have seen their budgets increase.
All organizations are also keeping their IT staff in place. 63% saw little to no impact on their teams, indicating that the majority of organizations will have both the budget and resources to maintain or grow their cybersecurity programs. 25% of IT leaders indicated that their company plans to keep their entire workforce 100% remote.
It’s encouraging to see IT leaders getting the support they need to achieve their cloud transformation and IT modernization initiatives going into next year. With every size of organization spending on cybersecurity tools, protecting cloud infrastructures needs to be a priority. Controlling administrative access risk in the cloud and DevOps is an excellent place to start with a comprehensive, modern Privileged Access Management solution. Leaders in this field, including Centrify, whose cloud-native architecture and flexible deployment and management options, deliver deep expertise in securing cloud environments.
Removing any doubt endpoints are resilient, self-healing and secure is what matters most to cybersecurity leaders today. It has become the highest priority across education, enterprise, financial services and government organizations in 2020 and beyond. At the same time, CIOs and CISOs are recognizing that endpoint complexity itself is a vulnerability. Absolute’s 2020 State of Endpoint Resilience Report finds there are now 10.2 agents per endpoint installed, up from 9.8. Add to this how quickly software agents degrade across thousands of remote devices and the size of the challenge becomes clear.
Absolute’s approach to delivering unified endpoint security using their Endpoint Resilience platform that creates a permanent digital tether to every endpoint in the enterprise is getting noticed by CIOs and CISOs. IT leaders say Absolute’s ability to provide greater visibility and control is what they need. Interested in learning more about how Absolute is helping customers taking on the many challenges of protecting the proliferating number of endpoints today and how the company sees the future, I recently spoke with Christy Wyatt, CEO. (You can see my discussion with her last year here.)
Under her leadership, Absolute’s revenues, customer retention and Net Income continue to grow. Total revenue in Q4-FY2020 was $27.2M, representing a year-over-year increase of 7%. Annual revenue in FY2020 was $104.7M, representing an increase of 6% over F2019. Absolute also attained a 14% year-over-year increase in Enterprise and Government revenue making this segment 68% of Total ARR on June 30, 2020.
Christy is one of the most brilliant, insightful leaders in cybersecurity today and her perspective on the future of endpoint security makes for a fascinating discussion. The following is my interview with her:
Louis: When you look back over the last eight months, which decisions and strategies do you see as being pivotal to Absolute’s growth and the fact that you accomplished so much, so quickly?
Christy: That’s a great question and the first thing that jumps to mind is our decision that Endpoint Resilience needs to be its own category. This was kind of a new thing. Many people talk about finding bad guys and the need for identity and access management.. there is a lot of use of the fear factor. And as an industry, we kept thinking of different ways devices could be compromised and we kept adding more security controls to solve those problems.
The thesis we arrived at, here at Absolute, is, “Listen, more isn’t always better. Making sure that things are actually working in there when you need them, that’s what is more important.” Because when you spend a lot of money on solutions, or when you tell your board or your CEO that you have a particular control and are now safe from a specific kind of risk… you need to go to sleep at night knowing that that’s in fact true. There needs to be a foundational belief that there is something solid to stand on when bad things happen.
And so, much of what we did this past year was really focused on quantifying that rate of decay because we believe that it is a painful problem organizations are having. I think that we are making traction and the insights we continue to publish on the state of Endpoint Resilience is really helping with that.
Louis: On your last earnings call, you talked about undeletable endpoint security and how it caught on in the education market. Did you change your go-to-market strategy this quarter to show you could scale an enterprise-wide deployment with teachers and administrators?
Christy: What’s important to remember is that we’ve been in business 20 years and that we started in education – as the one-to-one laptop initiatives for school kids were just getting underway. Those devices were very expensive and so that is the first problem we worked to solve. If somebody got their hands on a student’s device, how do you build a security platform that can survive anything that happens to that device? That was the original design premise all those years ago. And so, we have deep experience in things like scalability and solving problems for the education market.
What we’ve been seeing n the education market over the last couple of years has really been that, while technology has been an enabler for students, they weren’t necessarily thinking about teachers and administrators. So the challenge that they’ve grappled with over the last few months, notably with the accelerated shift to remote learning, is figuring out how to be both a digital and remote organization all at once. A lot of their processes were not yet online and not every single individual was connected.
Because we have a long-standing relationship with this community, we have a lot of expertise in the providing the scale and stability that they need. It was relatively intuitive for us to step and say, “Listen, these are things we can help you with. Here’s the bigger picture of things we could be helping you with, as you’re still figuring out distance learning and how to mobilize students.” Because we’ve also while serving education, we’ve also been serving banks and governments – and our enterprise business has been growing quite nicely over the years as well.
And I think we’re going to see that continue, because even as schools are contemplating sending children back to school, nobody knows whether this is a long-term or short-term. The new term I’ve started using is operational agility… and I think it applies to enterprise as well as it goes to education. I don’t think we ever again get to take for granted location and physical proximity to employees or students or devices. It has become a critical KPI for most organizations going forward.
Louis: Excellent point. And with regard to enterprise and government sectors growing 14% annually, what did you see in the eight months of this year that led to the double-digit growth in those markets?
Christy: Very few organizations had ever really contemplated the question, “What would happen if everybody had to be remote at a moment’s notice?” While our enterprise business has been experiencing double-digit growth for quite a while now, the onset of the pandemic really accelerated that growth. There has been a shift in thinking, that working remotely is not just for a smaller population of road warriors and sales reps and executives. I’ve spoken with many organizations that would say having a permanent digital connection to a device is really important for the people who are on airplanes and in a taxi cabs. But, I have a large percentage of my population that has a device that really they only use at work. Maybe it’s a laptop, maybe it’s a desktop – but either way, 99% of the time they are here. Or the times that they’re not here, they can VPN in. And I think that’s really become the challenge, that we can’t make that assumption anymore.
A lot of customers are rethinking all of that right now, as they’re seeing that being a remote, digitally-led organization can actually fit within their business model. If they give employees the flexibility to do what they love, where they want to do it, they’ll have an edge. While this is something that’s been forced on us, as with many things, the more you practice, the better you get… and then at some point, it becomes a part of the company’s DNA. And you learn to trust that you’re going to be safe and secure, your data and your employees are going to be just fine, because you don’t lose connection with them just because you can’t see them.
Louis: I think trust is an accelerator and Absolute’s success with endpoint security shows how to enable it at scale across organizations. Now with 13,000 customers, Absolute’s approach to building trust is working well.
On the earnings call you gave guidance of $112M to $118M with between 7% to 13% growth defined by how accounting transactions are handled. Underneath those figures, what’s the customer segment or what’s the geographic segment that you believe will be the primary catalyst for that revenue growth?
Christy: Perhaps a bit unusually for company our size, a large percentage of our revenue is actually North America-based. Our international markets have been some of the fastest growing segments for us. Our ecosystem of partners that we support – notably, the large PC and device manufacturers and their indirect channels – most of those are global entities and would like to support their customers in the same way internationally that they support them in North America. So one big focus for us is doing more selling and marketing globally, to meet this need.
I think the other big catalyst is going to be this shift to Resilience. We have a lot of customers who still rely on us for making sure they’re always connected to their devices and able to take preventative action – such as selectively wiping images or freezing a device, or geo-fencing a device from specific locations. While that’s certainly a critical set of capabilities, because we’re sitting in the hardware and sort of looking up at the software, we can help with this concept of self-healing. We can make sure that the critical controls you care about are truly working and protecting your employees.
A lot of the conversations we’re having, especially with new customers, are really focused on these capabilities. It’s not just, “How do I make sure I always know where my things are and that I can take action on them no matter where they are?” Instead, it’s “how do I use automated workflows to remediate risk? How do I have devices fix themselves so that my IT people don’t have to drown and help those calls?”
This concept of persistence and true self-healing that’s rooted in the hardware, I think is really, really powerful.. and the value of that really starts to become apparent when we’re in a world that looks like this. So I think those are some big focus areas for us as we go in the next year.
Louis: I like that one point you made on the earnings call about intelligence efforts, providing more data in a more interactive way for customers. I thought that that was really insightful and I think relevant to what you’ve been saying throughout our discussion. How do you help customers see themselves in a new way with new metrics, more interactively, more intuitively with greater insight?
Christy: It’s a different view for us and it’s something I’m very excited about. When it comes to a new product, I focus on, “What’s the question the customer’s going to be asking? What’s the problem they’re trying to solve?” And from there, “How do I package that up neatly so that they click on a button and get a report and it solves all of their problems?” But that’s not the world we live in today, especially when you have so many moving parts and things are continuously changing.
So it’s a different design philosophy when we say to the team, “You actually have no idea what question the customer is going to ask. Your job is to create tools that allow them to ask any question they have and then help them define the answer, either using our tool or using our data in some other tool.” At the end of the day, that’s how they get closer to the truth about what’s going on within their organization… and how they gain the ability to make better decisions.
Louis: Absolutely, that’s key to creating a culture that can continues to innovate and with Absolute’s focus on helping customers attain greater autonomous endpoint resiliency, it’s proving to be a strong catalyst for future growth too.